Vulnerability Analysis
The extensive networking of a company’s IT infrastructure results in numerous risks. In particular, the IT systems exposed on the Internet are continually subjected to attacks, which are largely automated and untargeted. But IT systems in the internal network can also be exposed to attack attempts, for example by your own employees or by attackers who have already gained access to the internal network through a previous attack. The threats range from data theft by internal perpetrators or external intruders to infection with malware. It is therefore of central importance to identify potential vulnerabilities in externally accessible IT systems as well as in internal systems that attackers can use as an entry point for further attacks. This can be achieved with a Vulnerability Analysis.
Objective
Broad analysis of IT systems with a high degree of coverage to identify vulnerabilities that can serve as entry points for further attacks
Question
At which points could attackers start and how high is the risk from existing vulnerabilities?
Scope
All IT systems and components in a defined IP address range
Process
With the Vulnerability Analysis we offer you a broad and comprehensive examination of all your IT systems within a defined area with regard to existing security weaknesses. The focus is on the highest possible degree of coverage, in order to identify initial attack vectors and vulnerabilities on your IT systems. The assessment is based on automated scans, the results of which are then subjected to a manual risk analysis and assessment. It is also possible to verify critical vulnerabilities through direct attack attempts. In more complex IT environments, the assessment is carried out by teams of two people.
Components
A Vulnerability Analysis includes the following aspects:
- Enumeration (recording) of accessible external and/or internal IT systems and services
- Automated vulnerability scan with specific software tools
- Manual analysis and evaluation of results to identify attackable vulnerabilities and security gaps
- Manual verification of detected security vulnerabilities via direct attacks (where sensible and upon consultation)
- Further aspects may be included in the assessment, such as: separation of the LAN from external networks with different levels of trust (WAN connection of company branches, WAN connection of external partners, etc.), security aspects of the internal network segmentation (VLAN, etc.), quality of the system administration (patch management, password management, etc.)
Test and attack scenarios will be discussed with the system supervisor during the assessment and may be adjusted if required.
Result
As a result of the assessment we will provide a detailed report including the following parts:
- Management summary with a description of the results and the security level
- Description of the project approach, scope, schedule and methodology
- Description of the applied methodology and any identified vulnerabilities
- Detailed description of identified vulnerabilities in order to understand underlying issues and to enable reconstruction of possible attacks
- Risk assessment of identified vulnerabilities taking into account the IT environment or the application context (risk classification: low, medium, high, critical)
- Description of measures to remedy the vulnerabilities
- If necessary, a description of higher-level strategy, concept and process-related measures or optimization suggestions.
Differences from a Penetration Test
In contrast to the targeted approach of a penetration test, the focus of the vulnerability analysis is on the broadest and most comprehensive examination possible. The vulnerability analysis is based on the results of automated scans, which are then subjected to manual risk analyses and assessments.
However, the exploitation of multiple subsequent vulnerabilities (post-exploitation), as used in a penetration test in order to penetrate as far as possible into an infrastructure or an IT system, is not part of the vulnerability analysis.